rsyslog

The rocket-fast system for log processing pipelines

rsyslog

The rocket-fast system for log processing pipelines

How to automatically delete database contents?

Adiscon SupportFAQ,

Rsyslog supports writing to the database. Like with log files, the rsyslogd writes the data, but does not delete (or export) it. If you need the data only for a period of time, simply deleting excess data might be a workable solution.

Below are some examples how this can be done (thanks to Michael Meckelein for posting this in the forum):

You can start a script via cron job, e. g.

mysql -u database-userid -pdatabase-password -e “truncate table SystemEvents” database-name

to delete all data or like

mysql -u database-userid -pdatabase-password -e “DELETE FROM SystemEvents WHERE ReceivedAt < date_add(current_date, interval -1 day)” database-name

to delete data older than one day.

How to separate log files by host name of sending device?

Adiscon SupportFAQ, ,

Question:
I have activated remote logging and receiving syslog messages from several devices. I want to write a separate log file for each device sending syslog messages. How to achieve that?

Answer:
It is pretty easy. You can use dynaFiles for it. With them, you specify a template as the file name. For each message, the filename is re-generated and the output written to the respective file. Read the config file doc for details, but it basically is:

$template DynaFile,”/var/log/system-%HOSTNAME%.log”
*.* -?DynaFile

Changelog for 5.5.5 (devel)

adisconteamChangelog, ,

Version 5.5.5 [DEVEL] (rgerhards), 2010-05-20

  • added new cancel-reduced action thread termination method
    We now manage to cancel threads that block inside a retry loop to terminate without the need to cancel the thread. Avoiding cancellation helps keep the system complexity minimal and thus provides for better stability.
    This also solves some issues with improper shutdown when inside an action retry loop.

rsyslog 5.5.5 (devel) released

adisconteamNews, Release Announcement, ,

Hi all,

We have just released rsyslog 5.5.5, a member of the devel branch. This is a bug-fixing release which contains a single fix that solves a potential hang condition on system shutdown when infinite action retries are configured for an asynchronous action using a queue in disk-assisted mode and the action was suspended. This is probably not a very common case, but a configuration recommended by our doc samples. If you do not use such a configuration, there is no need to update at this time. See Changelog for more details.

ChangeLog:

http://www.rsyslog.com/article461/

Download:

http://www.rsyslog.com/Downloads-req-viewdownloaddetails-lid-204.phtml

As always, feedback is appreciated.

Best regards,
Tom Bergfeld

Changelog for 4.7.2 (v4-devel)

adisconteamChangelog, ,

Version 4.7.2 [v4-devel] (rgerhards), 2010-05-03

  • bugfix: problems with atomic operations emulaton replaced atomic operation emulation with new code. The previous code seemed to have some issue and also limited concurrency severely. The whole atomic operation emulation has been rewritten.
  • added new $Sleep directive to hold processing for a couple of seconds during startup

Changelog for 5.5.4 (devel)

adisconteamChangelog, ,

Version 5.5.4 [DEVEL] (rgerhards), 2010-05-03

  • This version offers full support for Solaris on Intel and Sparc
  • bugfix: problems with atomic operations emulaton replaced atomic operation emulation with new code. The previous code seemed to have some issue and also limited concurrency severely. The whole atomic operation emulation has been rewritten.
  • bugfix: netstream ptcp support class was not correctly build on systems without epoll() support
  • bugfix: segfault on Solaris/Sparc

rsyslog now available on Sun Solaris

adisconteamNews,

Rsyslog has become the de-facto standard on modern Linux operating systems. It’s high-performance log processing, database integration, modularity and support for multiple logging protocols make it the sysadmin’s logging daemon of choice. The project was started in 2004 and has since then evolved rapidly.

Starting with today, rsyslog is not only available on Linux and BSD, but also on Sun Solaris. Both Intel and Sparc machines are fully supported under Solaris. Depending on operator need, rsyslog can replace stock Solaris syslogd or be used in conjunction with it. The later case provides enhanced rsyslog functionality without the need to change the system infrastructure. Continue reading “rsyslog now available on Sun Solaris”

rsyslog 4.7.2 (v4-devel) released

adisconteamNews, Release Announcement, ,

Hi all,

We have just released rsyslog 4.7.2, a member of the v4-devel branch. 4.7.2 is a bugfixing-release. Its primary bugfix solves problems with atomic instruction emulation. Users who have compiled rsyslog for older CPUs (like Intel 386) or CPUs for which gcc lacks atomic instruction support (like Sparc) are strongly encouraged to upgrade to the new versions. For all others, an update is optional. See Changelog for more details.

ChangeLog:

http://www.rsyslog.com/Article457

Download:

http://www.rsyslog.com/Downloads-req-viewdownloaddetails-lid-202.phtml

As always, feedback is appreciated.

Best regards,
Tom Bergfeld

Scroll to top